This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-lamp-13.0-wheezy-i386.iso.sig gpg: Signature made Mon Oct 14 17:45:47 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum a06fd0f6cb916cedf5aedb39383bdb806317b59e * md5sum b93aa20836e11ffe30d9239920ed1644 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXC3AAAoJEIXCXpWhbrlN3WkIAJGSppChY53+EQdofCl+ZUnp QJgbzpLwuvcl4LhgNjkdMbbQubIeAwQbtMVrCI2GRPpdJrJHmC3YE17A+2N+UWKU ORO+kD6fj9WZ2eJg7K9PYIFBM8vm0mNtjQbU3ldTY1OswZgPwwvkXaKFYSRccpwn NaEDOlQCXeDn/LbwFwATJjwqqCISkEKDhW56WdOFe94Ce9AR3KlbG1bPcVEtiK5m Nq30Xz4XqkCUlflspK0hzz/4AWD/L4vW9MLdj73TN3E4+HWc8qsC5IVtgGu7PRa+ xOo0Y8hk/dVTcosQb0wghgSNQG9qcDKlFjH8NirE6eV1NujwKSDg3n30nKD5Vto= =mXne -----END PGP SIGNATURE-----